Two critical vulnerabilities in Cursor IDE enable remote code execution via prompt injection
According to CSO Online, researchers discovered two critical vulnerabilities in Cursor IDE (CVE-2026-50548, CVE-2026-50549) that allow attackers to break out of command execution sandboxes through prompt injection, achieving remote code execution. The findings highlight prompt injection as a viable attack vector for IDE-based coding assistants.
Topics
Sources
- Press Read article
Go deeper
This intelligence is sourced automatically from public sources across the web and synthesised by the Prefactor AI pipeline. Stories are reviewed before publication.